OTOBO Download

Current version: OTOBO 10.0.11

Find download links to the most recent OTOBO installer packages for the various LINUX distributions and the Docker Image here:

From version 10.0.7 on, we recommend installing via Docker.



Docker® Image


Release News

Security Advisories

Security Advisory 2021-05
A vulnerability made it possible for an attacker to use JavaSript injection via a manipulated link or CSRF to create tickets on behalf of a CustomerUser interacting with the manipulated resource, or change their preferences (except the password).
Thanks to hypnguyen1209 for sharing the issue.
Criticality: low.

Patched in OTOBO 10.0.11.

Security Advisory 2021-04
Attackers were able to tap data in the ticket overview by way of an XSS attack using a manipulated email. Thanks to the Znuny team for sharing the issue and providing the fix (ZSA-2021-06; Criticality: high).

A security issue in JQuery-Validate enabled ReDoS attacks (CVE-2021-21252; criticality: low).

Patched in OTOBO 10.0.10.

Security Advisory 2021-03
In psgi-based docker installations, OTOBO admins could access sensitive data. This vulnerability ONLY affects systems, where psgi was exclicitly chosen during installation. Standard installations implemented as described in the documentation are NOT affected. 
Patched in OTOBO 10.0.9.

Security Advisory 2021-02
Survey Module: Survey administrator can craft a survey in such way that malicious code can be executed in the agent interface (i.e. another agent who wants to make changes in the survey). Risk Level: 3.5 LOW.
Patched in OTOBO Survey Module 10.0.3.


Security Advisory 2021-01
Several vulnerabilities in CKEditor. Risk Level: 5.5 MEDIUM.
Patched in OTOBO 10.0.8.

Security Advisory 2020-01
OTOBO uses jquery version 3.4.1, which is vulnerable to cross-site scripting (XSS). Risk Level: 6.3 / 6.5 MEDIUM.
Patched in OTOBO 10.0.5.

Additional features and packages can be found at https://ftp.otobo.org/pub/otobo/packages/ and in the OTOBO Package Administration.

Thank you for your contributions to OTOBO!
Please visit the OTOBO Forum for support, current information, and feedback regarding OTOBO.